A blog with tips, tricks and tutorials to help you prepare your CCIE Wireless lab exam.

Monday, January 4, 2016

CCIEW v3, what to expect

CCIE W v3 came out a few weeks ago. What should you expect?


The new version of the exam is based on AireOS 8.0 (previous version, v2, was based on 7.0). It is therefore fair game to expect to see "some of the new stuff" that appeared between 7.0 and 8.0, such as mDNS, IPv6 (for the infrastructure, IPv6 for clients was already in v2),  802.11ac, SSO, 802.11k/v/u/w/r, AVC, device Profiling, onboarding, RX_SOP, RF Profiling, but also all the enhancements that came into existing features, such as RADIUS DNS, QoS profiling from ISE (yes, ISE replaces ACS), wIPS, DNS-based ACLS, L2 ACLs, Min/Max power for TPC, and tons of changes on the Flex APs (local PEAP or TLS for example), not to mention new features on the MSE like Visitor Connect...
Okay, let's cut it short. It is not one of these updates where you think "I just need to brush up one one or two items, and I'll be good to go". You probably want to do a clean study of the entire WLC config guide 8.0. At the same time, the update from v1.0 to v2.0 also displayed a daunting list of changes, which is to be expected when an exam jumps across two major releases. Even if the list above looked scary to you, it is very likely that you have heard of, or worked with, quite a few of the items  in that list (unless your boss really thinks that 7.0 is the best code on earth). And if you have not heard of some of the items in the list, it is likely that they are not fundamental (doesn't mean that you won't get them in the lab, but they are likely not to be the core of your exam). The logic of any exam is always: make sure that the candidate knows the core of the body of knowledge (for example, it would be funny if the CCIE R&S exam did not test routing or VLANs). Once this is taken care of, the expert exam tends to test tinier items. The less items on that 'non-core' list, the more in depth you can expect tests on these "tinier items" to be. Similarly,  a longer list means that you are unlikely to be tested very deeply on many of these tinier items. Why not? Because despite Non Disclosure Agreements that people sign when taking the exam, people still talk, and it would not take long before forums would display "they only test items A and B". So, a longer list means that you are likely to get more items (and different items in each exam set). As the exam duration is still the same, each item is tested less in depth. It is still likely to be an expert level, but there is "expert" and "crazy expert". More items pushes the bar from "crazy" to just "expert", knowing your stuff well should be enough.


That's another scarecrow. As Converged Access is in the lab, you are likely to get 3650/3850 Switches and/or 5760s (maybe, maybe not, but likely). Are you expected to be a guru on these platforms? My bet is "probably not". As these beasts are on the blueprint, you need to know how to configure them for the classic functions that a wireless guy can expect from these boxes (WLAN, MC, MA, PoP, PoA, etc). However, these devices embark the IOS, and can do much, much more than wireless. A wireless guy is of course expected to know basic routing, but it is very unlikely that you may need to configure insane Wired-only functions. If you are comfortable running basic configurations in the GUI, you probably know most of what you need to know to survive this part. Add knowledge of what CLI configuration is done when you configure this or that in the GUI (in other words, survive the CLI), and you should be very close to where you need to be to enjoy the CA section in the exam. A common misconception about this version of the exam is that you need IOS-XE as deep as AireOS.


MSE is in the exam, with new functions. If you get a chance to read on what you can configure, you will soon discover that, just like in v2.0, the scope of what can be asked is limited. Rent and MSE for a day or 2, and you should know enough to be comfortable with any question. The same goes for PI. I often ask myself: what can they ask in PI that you could not find with a few clicks? Learning the interface is not hard... and all you need to know is the interface (there are very few features that you will find only in PI, and not in the WLC, that you would care about as a Wireless engineer).
ISE is just like ACS: scary because it is an entire world. Here again (and just like ACS), you are the wireless guy, so there should not be any feature that is so deep that you would need an ISE expert to help you. Knowing how to create standard policies is what ISE is about in the Wireless IE.

Troubleshooting/Diagnostic section:

This is new to this version of the exam, and aligns with similar sections of the other IE tracks. Google around, and you will find tons of examples of such diagnostic questions for the various tracks. The format is simple: you get a troubleshooting ticket, in the form of a collection of messages exchanged between people. Your job is to find the root cause of the problem. There is no direct interaction with a device (no typing and sweating through debug commands that you have to type). The goal is to read the exchange, to understand what is reported to be wrong. Then, navigate through the various exchanges to find the piece of information that would tell you what happened. Mmm... not clear? Maybe an example would help. Suppose you get a report from a customer saying that they cannot associate to the SSID (made up example, this is VERY unlikely to be what you will get in the real exam). What I would do here is wonder if no-one can associate, or just that one customer. And also I would want to know what the WLAN config is. You browse through the dialog and find that everyone else associates fine (hint, user config problem), further down, you find the spot where the config of the WLAN is described. It is WPA2/PSK. Okay, my next move would be to try to find the client config, or a sort of capture of the association exchange. And if you find that somewhere, and get a WLC message that complains about wrong key, bingo, the user has the wrong key configured, that's the problem. The real exam cases (you may get several cases, depending on each case difficulty) are probably a bit less "CCNA-level", but the logic is the same: browse through the docs to understand what the problem is, and try to spot information that shows the cause of the problem, and voila.

Conclusion: try or wait?

Most candidate wisely wait a few weeks when a  new exam comes out, so as not to be the first ones to crash test the new exam. Then, training organisations start publishing training material and the seats for the exam become hard to get... a major difficulty for this version will be for training companies to tell you exactly how much ISE, and how much IOS-XE, are required. A safe approach is to train you on almost everything (so as not to miss anything, and also not to disclose directly what they may have learned from other candidates on the exam specifics). If you have a chance to train on IOS-XE devices, and get your lab setup with what you will get in the lab, my advice would be not to wait, and give the exam a try. You may fail (but hey, maybe pass the first time, first-time passers are not unheard-of jewels anymore), but you will learn a lot on the exam logic, structure, and also on the depth to be expected to each section. In other words, you will learn how the game is played. This will help you tremendously pass the next time...